devise-security 0.12.0 → 0.18.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (195) hide show
  1. checksums.yaml +4 -4
  2. data/LICENSE.txt +3 -1
  3. data/README.md +199 -65
  4. data/app/controllers/devise/paranoid_verification_code_controller.rb +28 -12
  5. data/app/controllers/devise/password_expired_controller.rb +34 -10
  6. data/app/views/devise/paranoid_verification_code/show.html.erb +4 -4
  7. data/app/views/devise/password_expired/show.html.erb +6 -6
  8. data/config/locales/bg.yml +42 -0
  9. data/config/locales/by.yml +50 -0
  10. data/config/locales/cs.yml +46 -0
  11. data/config/locales/de.yml +33 -7
  12. data/config/locales/en.yml +26 -1
  13. data/config/locales/es.yml +31 -6
  14. data/config/locales/fa.yml +42 -0
  15. data/config/locales/fr.yml +42 -0
  16. data/config/locales/hi.yml +43 -0
  17. data/config/locales/it.yml +36 -4
  18. data/config/locales/ja.yml +42 -0
  19. data/config/locales/nl.yml +42 -0
  20. data/config/locales/pt.yml +42 -0
  21. data/config/locales/ru.yml +50 -0
  22. data/config/locales/tr.yml +42 -0
  23. data/config/locales/uk.yml +50 -0
  24. data/config/locales/zh_CN.yml +42 -0
  25. data/config/locales/zh_TW.yml +42 -0
  26. data/lib/devise-security/controllers/helpers.rb +74 -51
  27. data/lib/devise-security/hooks/expirable.rb +6 -4
  28. data/lib/devise-security/hooks/paranoid_verification.rb +3 -3
  29. data/lib/devise-security/hooks/password_expirable.rb +5 -3
  30. data/lib/devise-security/hooks/session_limitable.rb +31 -14
  31. data/lib/devise-security/models/active_record/old_password.rb +5 -0
  32. data/lib/devise-security/models/compatibility/active_record_patch.rb +41 -0
  33. data/lib/devise-security/models/compatibility/mongoid_patch.rb +32 -0
  34. data/lib/devise-security/models/compatibility.rb +8 -15
  35. data/lib/devise-security/models/database_authenticatable_patch.rb +20 -10
  36. data/lib/devise-security/models/expirable.rb +14 -7
  37. data/lib/devise-security/models/mongoid/old_password.rb +21 -0
  38. data/lib/devise-security/models/paranoid_verification.rb +4 -2
  39. data/lib/devise-security/models/password_archivable.rb +19 -8
  40. data/lib/devise-security/models/password_expirable.rb +103 -48
  41. data/lib/devise-security/models/secure_validatable.rb +69 -12
  42. data/lib/devise-security/models/security_questionable.rb +2 -0
  43. data/lib/devise-security/models/session_limitable.rb +19 -2
  44. data/lib/devise-security/orm/mongoid.rb +7 -0
  45. data/lib/devise-security/patches/controller_captcha.rb +2 -0
  46. data/lib/devise-security/patches/controller_security_question.rb +3 -1
  47. data/lib/devise-security/patches.rb +16 -8
  48. data/lib/devise-security/rails.rb +2 -0
  49. data/lib/devise-security/routes.rb +4 -3
  50. data/lib/devise-security/validators/password_complexity_validator.rb +62 -0
  51. data/lib/devise-security/version.rb +3 -1
  52. data/lib/devise-security.rb +23 -11
  53. data/lib/generators/devise_security/install_generator.rb +6 -6
  54. data/lib/generators/templates/devise_security.rb +52 -0
  55. data/test/{test_captcha_controller.rb → controllers/test_captcha_controller.rb} +2 -0
  56. data/test/controllers/test_paranoid_verification_code_controller.rb +133 -0
  57. data/test/controllers/test_password_expired_controller.rb +164 -0
  58. data/test/controllers/test_security_question_controller.rb +66 -0
  59. data/test/dummy/Rakefile +3 -1
  60. data/test/dummy/app/assets/config/manifest.js +3 -0
  61. data/test/dummy/app/controllers/application_controller.rb +2 -0
  62. data/test/dummy/app/controllers/captcha/sessions_controller.rb +2 -0
  63. data/test/dummy/app/controllers/overrides/paranoid_verification_code_controller.rb +7 -0
  64. data/test/dummy/app/controllers/overrides/password_expired_controller.rb +17 -0
  65. data/test/dummy/app/controllers/security_question/unlocks_controller.rb +2 -0
  66. data/test/dummy/app/controllers/widgets_controller.rb +9 -0
  67. data/test/dummy/app/models/application_record.rb +10 -2
  68. data/test/dummy/app/models/application_user_record.rb +12 -0
  69. data/test/dummy/app/models/captcha_user.rb +7 -2
  70. data/test/dummy/app/models/mongoid/confirmable_fields.rb +15 -0
  71. data/test/dummy/app/models/mongoid/database_authenticable_fields.rb +18 -0
  72. data/test/dummy/app/models/mongoid/expirable_fields.rb +13 -0
  73. data/test/dummy/app/models/mongoid/lockable_fields.rb +15 -0
  74. data/test/dummy/app/models/mongoid/mappings.rb +15 -0
  75. data/test/dummy/app/models/mongoid/omniauthable_fields.rb +13 -0
  76. data/test/dummy/app/models/mongoid/paranoid_verification_fields.rb +12 -0
  77. data/test/dummy/app/models/mongoid/password_archivable_fields.rb +11 -0
  78. data/test/dummy/app/models/mongoid/password_expirable_fields.rb +12 -0
  79. data/test/dummy/app/models/mongoid/recoverable_fields.rb +13 -0
  80. data/test/dummy/app/models/mongoid/registerable_fields.rb +21 -0
  81. data/test/dummy/app/models/mongoid/rememberable_fields.rb +12 -0
  82. data/test/dummy/app/models/mongoid/secure_validatable_fields.rb +13 -0
  83. data/test/dummy/app/models/mongoid/security_questionable_fields.rb +15 -0
  84. data/test/dummy/app/models/mongoid/session_limitable_fields.rb +12 -0
  85. data/test/dummy/app/models/mongoid/timeoutable_fields.rb +11 -0
  86. data/test/dummy/app/models/mongoid/trackable_fields.rb +16 -0
  87. data/test/dummy/app/models/mongoid/validatable_fields.rb +9 -0
  88. data/test/dummy/app/models/paranoid_verification_user.rb +26 -0
  89. data/test/dummy/app/models/password_expired_user.rb +26 -0
  90. data/test/dummy/app/models/security_question_user.rb +9 -4
  91. data/test/dummy/app/models/user.rb +16 -1
  92. data/test/dummy/app/models/widget.rb +4 -0
  93. data/test/dummy/app/mongoid/admin.rb +31 -0
  94. data/test/dummy/app/mongoid/one_user.rb +58 -0
  95. data/test/dummy/app/mongoid/shim.rb +25 -0
  96. data/test/dummy/app/mongoid/user_on_engine.rb +41 -0
  97. data/test/dummy/app/mongoid/user_on_main_app.rb +41 -0
  98. data/test/dummy/app/mongoid/user_with_validations.rb +37 -0
  99. data/test/dummy/app/mongoid/user_without_email.rb +38 -0
  100. data/test/dummy/config/application.rb +13 -11
  101. data/test/dummy/config/boot.rb +3 -1
  102. data/test/dummy/config/environment.rb +3 -1
  103. data/test/dummy/config/environments/test.rb +6 -13
  104. data/test/dummy/config/initializers/devise.rb +6 -3
  105. data/test/dummy/config/initializers/migration_class.rb +3 -6
  106. data/test/dummy/config/locales/en.yml +10 -0
  107. data/test/dummy/config/mongoid.yml +6 -0
  108. data/test/dummy/config/routes.rb +8 -3
  109. data/test/dummy/config.ru +3 -1
  110. data/test/dummy/db/migrate/20120508165529_create_tables.rb +17 -6
  111. data/test/dummy/db/migrate/20150402165590_add_verification_columns.rb +2 -0
  112. data/test/dummy/db/migrate/20150407162345_add_verification_attempt_column.rb +2 -0
  113. data/test/dummy/db/migrate/20160320162345_add_security_questions_fields.rb +2 -0
  114. data/test/dummy/db/migrate/20180318103603_add_expireable_columns.rb +2 -0
  115. data/test/dummy/db/migrate/20180318105329_add_confirmable_columns.rb +2 -0
  116. data/test/dummy/db/migrate/20180318105732_add_rememberable_columns.rb +2 -0
  117. data/test/dummy/db/migrate/20180318111336_add_recoverable_columns.rb +2 -0
  118. data/test/dummy/db/migrate/20180319114023_add_widget.rb +2 -0
  119. data/test/dummy/lib/shared_expirable_columns.rb +15 -0
  120. data/test/dummy/lib/shared_security_questions_fields.rb +17 -0
  121. data/test/dummy/lib/shared_user.rb +43 -0
  122. data/test/dummy/lib/shared_user_with_password_verification.rb +13 -0
  123. data/test/dummy/lib/shared_user_without_omniauth.rb +24 -0
  124. data/test/dummy/lib/shared_verification_fields.rb +16 -0
  125. data/test/dummy/log/test.log +45240 -0
  126. data/test/i18n_test.rb +22 -0
  127. data/test/integration/test_paranoid_verification_code_workflow.rb +53 -0
  128. data/test/integration/test_password_expirable_workflow.rb +53 -0
  129. data/test/integration/test_session_limitable_workflow.rb +69 -0
  130. data/test/orm/active_record.rb +15 -0
  131. data/test/orm/mongoid.rb +13 -0
  132. data/test/support/integration_helpers.rb +35 -0
  133. data/test/support/mongoid.yml +6 -0
  134. data/test/test_compatibility.rb +15 -0
  135. data/test/test_complexity_validator.rb +282 -0
  136. data/test/test_database_authenticatable_patch.rb +146 -0
  137. data/test/test_helper.rb +41 -9
  138. data/test/test_install_generator.rb +20 -3
  139. data/test/test_paranoid_verification.rb +10 -9
  140. data/test/test_password_archivable.rb +37 -13
  141. data/test/test_password_expirable.rb +72 -9
  142. data/test/test_secure_validatable.rb +289 -55
  143. data/test/test_secure_validatable_overrides.rb +185 -0
  144. data/test/test_session_limitable.rb +57 -0
  145. data/test/tmp/config/initializers/devise_security.rb +52 -0
  146. data/test/tmp/config/locales/devise.security_extension.by.yml +50 -0
  147. data/test/tmp/config/locales/devise.security_extension.cs.yml +46 -0
  148. data/test/tmp/config/locales/devise.security_extension.de.yml +42 -0
  149. data/test/tmp/config/locales/devise.security_extension.en.yml +42 -0
  150. data/test/tmp/config/locales/devise.security_extension.es.yml +42 -0
  151. data/test/tmp/config/locales/devise.security_extension.fa.yml +42 -0
  152. data/test/tmp/config/locales/devise.security_extension.fr.yml +42 -0
  153. data/test/tmp/config/locales/devise.security_extension.hi.yml +43 -0
  154. data/test/tmp/config/locales/devise.security_extension.it.yml +42 -0
  155. data/test/tmp/config/locales/devise.security_extension.ja.yml +42 -0
  156. data/test/tmp/config/locales/devise.security_extension.nl.yml +42 -0
  157. data/test/tmp/config/locales/devise.security_extension.pt.yml +42 -0
  158. data/test/tmp/config/locales/devise.security_extension.ru.yml +50 -0
  159. data/test/tmp/config/locales/devise.security_extension.tr.yml +42 -0
  160. data/test/tmp/config/locales/devise.security_extension.uk.yml +50 -0
  161. data/test/tmp/config/locales/devise.security_extension.zh_CN.yml +42 -0
  162. data/test/tmp/config/locales/devise.security_extension.zh_TW.yml +42 -0
  163. metadata +290 -124
  164. data/.circleci/config.yml +0 -41
  165. data/.document +0 -5
  166. data/.gitignore +0 -40
  167. data/.rubocop.yml +0 -63
  168. data/.ruby-version +0 -1
  169. data/.travis.yml +0 -25
  170. data/Appraisals +0 -19
  171. data/Gemfile +0 -3
  172. data/Rakefile +0 -28
  173. data/devise-security.gemspec +0 -44
  174. data/gemfiles/rails_4.1_stable.gemfile +0 -8
  175. data/gemfiles/rails_4.2_stable.gemfile +0 -8
  176. data/gemfiles/rails_5.0_stable.gemfile +0 -8
  177. data/gemfiles/rails_5.1_stable.gemfile +0 -8
  178. data/gemfiles/rails_5.2_rc1.gemfile +0 -8
  179. data/lib/devise-security/models/old_password.rb +0 -4
  180. data/lib/devise-security/orm/active_record.rb +0 -18
  181. data/lib/devise-security/patches/confirmations_controller_captcha.rb +0 -21
  182. data/lib/devise-security/patches/confirmations_controller_security_question.rb +0 -24
  183. data/lib/devise-security/patches/passwords_controller_captcha.rb +0 -20
  184. data/lib/devise-security/patches/passwords_controller_security_question.rb +0 -23
  185. data/lib/devise-security/patches/registrations_controller_captcha.rb +0 -33
  186. data/lib/devise-security/patches/sessions_controller_captcha.rb +0 -24
  187. data/lib/devise-security/patches/unlocks_controller_captcha.rb +0 -20
  188. data/lib/devise-security/patches/unlocks_controller_security_question.rb +0 -23
  189. data/lib/devise-security/schema.rb +0 -64
  190. data/lib/generators/templates/devise-security.rb +0 -38
  191. data/test/dummy/app/controllers/foos_controller.rb +0 -0
  192. data/test/dummy/app/models/.gitkeep +0 -0
  193. data/test/dummy/app/models/secure_user.rb +0 -3
  194. data/test/test_password_expired_controller.rb +0 -44
  195. data/test/test_security_question_controller.rb +0 -84
data/.circleci/config.yml DELETED
@@ -1,41 +0,0 @@
1
- # Ruby CircleCI 2.0 configuration file
2
- #
3
- # Check https://circleci.com/docs/2.0/language-ruby/ for more details
4
- #
5
- version: 2
6
- jobs:
7
- build:
8
- docker:
9
- # specify the version you desire here
10
- - image: circleci/ruby:2.4.1-node-browsers
11
-
12
- # Specify service dependencies here if necessary
13
- # CircleCI maintains a library of pre-built images
14
- # documented at https://circleci.com/docs/2.0/circleci-images/
15
- # - image: circleci/postgres:9.4
16
-
17
- working_directory: ~/repo
18
-
19
- steps:
20
- - checkout
21
-
22
- # Download and cache dependencies
23
- - restore_cache:
24
- keys:
25
- # fallback to using the latest cache if no exact match is found
26
- - v1-dependencies-
27
-
28
- - run:
29
- name: install dependencies
30
- command: |
31
- bundle install --jobs=4 --retry=3 --path vendor/bundle
32
-
33
- - save_cache:
34
- paths:
35
- - ./vendor/bundle
36
- key: v1-dependencies-{{ checksum "Gemfile.lock" }}
37
-
38
- # run tests!
39
- - run:
40
- name: run tests
41
- command: bundle exec rake
data/.document DELETED
@@ -1,5 +0,0 @@
1
- lib/**/*.rb
2
- bin/*
3
- -
4
- features/**/*.feature
5
- LICENSE.txt
data/.gitignore DELETED
@@ -1,40 +0,0 @@
1
- test/rails_app/log/*
2
- test/rails_app/tmp/*
3
- *~
4
- coverage/*
5
- *.sqlite3
6
- .bundle
7
- rdoc/*
8
- pkg
9
- # Have editor/IDE/OS specific files you need to ignore? Consider using a global gitignore:
10
- #
11
- # * Create a file at ~/.gitignore
12
- # * Include files you want ignored
13
- # * Run: git config --global core.excludesfile ~/.gitignore
14
- #
15
- # After doing this, these files will be ignored in all your git projects,
16
- # saving you from having to 'pollute' every project you touch with them
17
- #
18
- # Not sure what to needs to be ignored for particular editors/OSes? Here's some ideas to get you started. (Remember, remove the leading # of the line)
19
- #
20
- # For MacOS:
21
- #
22
- #.DS_Store
23
- #
24
- # For TextMate
25
- #*.tmproj
26
- #tmtags
27
- #
28
- # For emacs:
29
- #*~
30
- #\#*
31
- #.\#*
32
- #
33
- # For vim:
34
- #*.swp
35
-
36
- log
37
- test/tmp/*
38
- *.gem
39
- Gemfile.lock
40
- *.lock
data/.rubocop.yml DELETED
@@ -1,63 +0,0 @@
1
- AllCops:
2
- TargetRubyVersion: 2.3
3
- Include:
4
- - '**/Rakefile'
5
- - '**/config.ru'
6
- - 'lib/tasks/**/*'
7
- Exclude:
8
- - Gemfile*
9
- - 'db/**/*'
10
- - 'config/**/*'
11
- - 'bin/**/*'
12
- - 'vendor/bundle/**/*'
13
- - 'spec/support/**/*' # rspec support helpers have a strange api
14
-
15
- Rails:
16
- Enabled: true
17
-
18
- # We don't care about method length, since we check method cyclomatic
19
- # complexity.
20
- Metrics/MethodLength:
21
- Enabled: false
22
-
23
- Metrics/LineLength:
24
- Max: 100
25
-
26
- Naming/FileName:
27
- Exclude: ["devise-security.gemspec"]
28
-
29
- Style/ClassAndModuleChildren:
30
- EnforcedStyle: compact
31
- SupportedStyles:
32
- - nested
33
- - compact
34
-
35
- Style/HashSyntax:
36
- EnforcedStyle: ruby19
37
-
38
- Style/SymbolArray:
39
- EnforcedStyle: brackets
40
-
41
- # Trailing commas make for clearer diffs because the last line won't appear
42
- # to have been changed, as it would if it lacked a comma and had one added.
43
- Style/TrailingCommaInArrayLiteral:
44
- EnforcedStyleForMultiline: comma
45
- Style/TrailingCommaInHashLiteral:
46
- EnforcedStyleForMultiline: comma
47
- Style/TrailingCommaInArguments:
48
- EnforcedStyleForMultiline: comma
49
-
50
- # Cop supports --auto-correct.
51
- # Configuration parameters: PreferredDelimiters.
52
- Style/PercentLiteralDelimiters:
53
- PreferredDelimiters:
54
- # Using `[]` for string arrays instead of `()`, since normal arrays are
55
- # indicated with `[]` not `()`.
56
- '%w': '[]'
57
- '%W': '[]'
58
-
59
- Style/AndOr:
60
- # Whether `and` and `or` are banned only in conditionals (conditionals)
61
- # or completely (always).
62
- # They read better, more like normal English.
63
- Enabled: false
data/.ruby-version DELETED
@@ -1 +0,0 @@
1
- 2.2.9
data/.travis.yml DELETED
@@ -1,25 +0,0 @@
1
- language: ruby
2
- before_install: gem install bundler && bundler -v
3
- install: bundle install --jobs=3 --retry=3
4
- before_script: bundle install
5
- script: bundle exec rake
6
- rvm:
7
- - 2.2.9
8
- - 2.3.6
9
- - 2.4.3
10
- - 2.5.0
11
- - ruby-head
12
- matrix:
13
- allow_failures:
14
- - rvm: ruby-head
15
- - gemfile: gemfiles/rails_5.2_rc1.gemfile
16
- - rvm: 2.4.3
17
- gemfile: gemfiles/rails_4.1_stable.gemfile
18
- - rvm: 2.5.0
19
- gemfile: gemfiles/rails_4.1_stable.gemfile
20
- gemfile:
21
- - gemfiles/rails_4.1_stable.gemfile
22
- - gemfiles/rails_4.2_stable.gemfile
23
- - gemfiles/rails_5.0_stable.gemfile
24
- - gemfiles/rails_5.1_stable.gemfile
25
- - gemfiles/rails_5.2_rc1.gemfile
data/Appraisals DELETED
@@ -1,19 +0,0 @@
1
- appraise 'rails-4.1-stable' do
2
- gem 'rails', '~> 4.1.0'
3
- end
4
-
5
- appraise 'rails-4.2-stable' do
6
- gem 'rails', '~> 4.2.0'
7
- end
8
-
9
- appraise 'rails-5.0-stable' do
10
- gem 'rails', '~> 5.0.0'
11
- end
12
-
13
- appraise 'rails-5.1-stable' do
14
- gem 'rails', '~> 5.1.0'
15
- end
16
-
17
- appraise 'rails-5.2-rc1' do
18
- gem 'rails', '~> 5.2.0.rc1'
19
- end
data/Gemfile DELETED
@@ -1,3 +0,0 @@
1
- source "https://rubygems.org"
2
- gemspec
3
- gem 'omniauth'
data/Rakefile DELETED
@@ -1,28 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- $LOAD_PATH.unshift File.join(File.dirname(__FILE__), 'lib')
4
- require 'rubygems'
5
- require 'bundler'
6
- require 'rake/testtask'
7
- require 'rdoc/task'
8
- require 'devise-security/version'
9
-
10
- desc 'Default: Run DeviseSecurity unit tests'
11
- task default: :test
12
-
13
- Rake::TestTask.new(:test) do |t|
14
- t.libs << 'lib'
15
- t.libs << 'test'
16
- t.test_files = FileList['test/*test*.rb']
17
- t.verbose = true
18
- t.warning = false
19
- end
20
-
21
- Rake::RDocTask.new do |rdoc|
22
- version = DeviseSecurity::VERSION.dup
23
-
24
- rdoc.rdoc_dir = 'rdoc'
25
- rdoc.title = "devise-security #{version}"
26
- rdoc.rdoc_files.include('README*')
27
- rdoc.rdoc_files.include('lib/**/*.rb')
28
- end
@@ -1,44 +0,0 @@
1
- # -*- encoding: utf-8 -*-
2
- # frozen_string_literal: true
3
-
4
- $LOAD_PATH.push File.expand_path('../lib', __FILE__)
5
- require 'devise-security/version'
6
-
7
- Gem::Specification.new do |s|
8
- s.name = 'devise-security'
9
- s.version = DeviseSecurity::VERSION.dup
10
- s.platform = Gem::Platform::RUBY
11
- s.licenses = ['MIT']
12
- s.summary = 'Security extension for devise'
13
- s.email = 'natebird@gmail.com'
14
- s.homepage = 'https://github.com/devise-security/devise-security'
15
- s.description = 'An enterprise security extension for devise.'
16
- s.authors = [
17
- 'Marco Scholl', 'Alexander Dreher', 'Nate Bird', 'Dillon Welch'
18
- ]
19
-
20
- s.files = `git ls-files`.split("\n")
21
- s.test_files = `git ls-files -- test/*`.split("\n")
22
- s.require_paths = ['lib']
23
- s.required_ruby_version = '>= 2.2.9'
24
-
25
- if RUBY_VERSION >= '2.4'
26
- s.add_runtime_dependency 'rails', '>= 4.1.0', '< 6.0'
27
- else
28
- s.add_runtime_dependency 'railties', '>= 4.1.0', '< 6.0'
29
- end
30
- s.add_runtime_dependency 'devise', '>= 4.2.0', '< 5.0'
31
-
32
- s.add_development_dependency 'appraisal'
33
- s.add_development_dependency 'bundler', '>= 1.3.0', '< 2.0'
34
- s.add_development_dependency 'coveralls', '~> 0.8'
35
- s.add_development_dependency 'easy_captcha', '~> 0'
36
- s.add_development_dependency 'm'
37
- s.add_development_dependency 'minitest', '5.10.3' # see https://github.com/seattlerb/minitest/issues/730
38
- s.add_development_dependency 'pry-byebug'
39
- s.add_development_dependency 'pry-rescue'
40
- s.add_development_dependency 'pry'
41
- s.add_development_dependency 'rails_email_validator', '~> 0'
42
- s.add_development_dependency 'rubocop', '~> 0'
43
- s.add_development_dependency 'sqlite3', '~> 1.3', '>= 1.3.10'
44
- end
@@ -1,8 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "omniauth"
6
- gem "rails", "~> 4.1.0"
7
-
8
- gemspec path: "../"
@@ -1,8 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "omniauth"
6
- gem "rails", "~> 4.2.0"
7
-
8
- gemspec path: "../"
@@ -1,8 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "omniauth"
6
- gem "rails", "~> 5.0.0"
7
-
8
- gemspec path: "../"
@@ -1,8 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "omniauth"
6
- gem "rails", "~> 5.1.0"
7
-
8
- gemspec path: "../"
@@ -1,8 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "omniauth"
6
- gem "rails", "~> 5.2.0.rc1"
7
-
8
- gemspec path: "../"
@@ -1,4 +0,0 @@
1
- require 'active_record'
2
- class OldPassword < ActiveRecord::Base
3
- belongs_to :password_archivable, polymorphic: true
4
- end
@@ -1,18 +0,0 @@
1
- module DeviseSecurity
2
- module Orm
3
- # This module contains some helpers and handle schema (migrations):
4
- #
5
- # create_table :accounts do |t|
6
- # t.password_expirable
7
- # end
8
- #
9
- module ActiveRecord
10
- module Schema
11
- include DeviseSecurity::Schema
12
- end
13
- end
14
- end
15
- end
16
-
17
- ActiveRecord::ConnectionAdapters::Table.send :include, DeviseSecurity::Orm::ActiveRecord::Schema
18
- ActiveRecord::ConnectionAdapters::TableDefinition.send :include, DeviseSecurity::Orm::ActiveRecord::Schema
@@ -1,21 +0,0 @@
1
- module DeviseSecurity::Patches
2
- module ConfirmationsControllerCaptcha
3
- extend ActiveSupport::Concern
4
- included do
5
- define_method :create do
6
- if valid_captcha_if_defined?(params[:captcha])
7
- self.resource = resource_class.send_confirmation_instructions(params[resource_name])
8
-
9
- if successfully_sent?(resource)
10
- respond_with({}, location: after_resending_confirmation_instructions_path_for(resource_name))
11
- else
12
- respond_with(resource)
13
- end
14
- else
15
- flash[:alert] = t('devise.invalid_captcha') if is_navigational_format?
16
- respond_with({}, location: new_confirmation_path(resource_name))
17
- end
18
- end
19
- end
20
- end
21
- end
@@ -1,24 +0,0 @@
1
- module DeviseSecurity::Patches
2
- module ConfirmationsControllerSecurityQuestion
3
- extend ActiveSupport::Concern
4
- included do
5
- define_method :create do
6
- # only find via email, not login
7
- resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
8
-
9
- if valid_captcha_or_security_question?(resource, params)
10
- self.resource = resource_class.send_confirmation_instructions(params[resource_name])
11
-
12
- if successfully_sent?(resource)
13
- respond_with({}, location: after_resending_confirmation_instructions_path_for(resource_name))
14
- else
15
- respond_with(resource)
16
- end
17
- else
18
- flash[:alert] = t('devise.invalid_security_question') if is_navigational_format?
19
- respond_with({}, location: new_confirmation_path(resource_name))
20
- end
21
- end
22
- end
23
- end
24
- end
@@ -1,20 +0,0 @@
1
- module DeviseSecurity::Patches
2
- module PasswordsControllerCaptcha
3
- extend ActiveSupport::Concern
4
- included do
5
- define_method :create do
6
- if valid_captcha_if_defined?(params[:captcha])
7
- self.resource = resource_class.send_reset_password_instructions(params[resource_name])
8
- if successfully_sent?(resource)
9
- respond_with({}, location: new_session_path(resource_name))
10
- else
11
- respond_with(resource)
12
- end
13
- else
14
- flash[:alert] = t('devise.invalid_captcha') if is_navigational_format?
15
- respond_with({}, location: new_password_path(resource_name))
16
- end
17
- end
18
- end
19
- end
20
- end
@@ -1,23 +0,0 @@
1
- module DeviseSecurity::Patches
2
- module PasswordsControllerSecurityQuestion
3
- extend ActiveSupport::Concern
4
- included do
5
- define_method :create do
6
- # only find via email, not login
7
- resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
8
-
9
- if valid_captcha_or_security_question?(resource, params)
10
- self.resource = resource_class.send_reset_password_instructions(params[resource_name])
11
- if successfully_sent?(resource)
12
- respond_with({}, location: new_session_path(resource_name))
13
- else
14
- respond_with(resource)
15
- end
16
- else
17
- flash[:alert] = t('devise.invalid_security_question') if is_navigational_format?
18
- respond_with({}, location: new_password_path(resource_name))
19
- end
20
- end
21
- end
22
- end
23
- end
@@ -1,33 +0,0 @@
1
- module DeviseSecurity::Patches
2
- module RegistrationsControllerCaptcha
3
- extend ActiveSupport::Concern
4
- included do
5
- define_method :create do |&block|
6
- build_resource(sign_up_params)
7
-
8
- if valid_captcha_if_defined?(params[:captcha])
9
- if resource.save
10
- block.call(resource) if block
11
- if resource.active_for_authentication?
12
- set_flash_message :notice, :signed_up if is_flashing_format?
13
- sign_up(resource_name, resource)
14
- respond_with resource, location: after_sign_up_path_for(resource)
15
- else
16
- set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_flashing_format?
17
- expire_data_after_sign_in!
18
- respond_with resource, location: after_inactive_sign_up_path_for(resource)
19
- end
20
- else
21
- clean_up_passwords resource
22
- respond_with resource
23
- end
24
-
25
- else
26
- resource.errors.add :base, t('devise.invalid_captcha')
27
- clean_up_passwords resource
28
- respond_with resource
29
- end
30
- end
31
- end
32
- end
33
- end
@@ -1,24 +0,0 @@
1
- module DeviseSecurity::Patches
2
- module SessionsControllerCaptcha
3
- extend ActiveSupport::Concern
4
- included do
5
- define_method :create do |&block|
6
- if valid_captcha_if_defined?(params[:captcha])
7
- self.resource = warden.authenticate!(auth_options)
8
- set_flash_message(:notice, :signed_in) if is_flashing_format?
9
- sign_in(resource_name, resource)
10
- block.call(resource) if block
11
- respond_with resource, location: after_sign_in_path_for(resource)
12
- else
13
- flash[:alert] = t('devise.invalid_captcha') if is_flashing_format?
14
- respond_with({}, location: new_session_path(resource_name))
15
- end
16
- end
17
-
18
- # for bad protected use in controller
19
- define_method :auth_options do
20
- { scope: resource_name, recall: "#{controller_path}#new" }
21
- end
22
- end
23
- end
24
- end
@@ -1,20 +0,0 @@
1
- module DeviseSecurity::Patches
2
- module UnlocksControllerCaptcha
3
- extend ActiveSupport::Concern
4
- included do
5
- define_method :create do
6
- if valid_captcha_if_defined?(params[:captcha])
7
- self.resource = resource_class.send_unlock_instructions(params[resource_name])
8
- if successfully_sent?(resource)
9
- respond_with({}, location: new_session_path(resource_name))
10
- else
11
- respond_with(resource)
12
- end
13
- else
14
- flash[:alert] = t('devise.invalid_captcha') if is_navigational_format?
15
- respond_with({}, location: new_unlock_path(resource_name))
16
- end
17
- end
18
- end
19
- end
20
- end
@@ -1,23 +0,0 @@
1
- module DeviseSecurity::Patches
2
- module UnlocksControllerSecurityQuestion
3
- extend ActiveSupport::Concern
4
- included do
5
- define_method :create do
6
- # only find via email, not login
7
- resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
8
-
9
- if valid_captcha_or_security_question?(resource, params)
10
- self.resource = resource_class.send_unlock_instructions(params[resource_name])
11
- if successfully_sent?(resource)
12
- respond_with({}, location: new_session_path(resource_name))
13
- else
14
- respond_with(resource)
15
- end
16
- else
17
- flash[:alert] = t('devise.invalid_security_question') if is_navigational_format?
18
- respond_with({}, location: new_unlock_path(resource_name))
19
- end
20
- end
21
- end
22
- end
23
- end
@@ -1,64 +0,0 @@
1
- module DeviseSecurity
2
- # add schema helper for migrations
3
- module Schema
4
- # Add password_changed_at columns in the resource's database table.
5
- #
6
- # Examples
7
- #
8
- # # For a new resource migration:
9
- # create_table :the_resources do |t|
10
- # t.password_expirable
11
- # ...
12
- # end
13
- #
14
- # # or if the resource's table already exists, define a migration and put this in:
15
- # change_table :the_resources do |t|
16
- # t.datetime :password_changed_at
17
- # end
18
- #
19
- def password_expirable
20
- apply_devise_schema :password_changed_at, DateTime
21
- end
22
-
23
- # Add password_archivable columns
24
- #
25
- # Examples
26
- #
27
- # create_table :old_passwords do
28
- # t.password_archivable
29
- # end
30
- # add_index :old_passwords, [:password_archivable_type, :password_archivable_id], name: :index_password_archivable
31
- #
32
- def password_archivable
33
- apply_devise_schema :encrypted_password, String, limit: 128, null: false
34
- apply_devise_schema :password_salt, String
35
- apply_devise_schema :password_archivable_id, Integer, null: false
36
- apply_devise_schema :password_archivable_type, String, null: false
37
- apply_devise_schema :created_at, DateTime
38
- end
39
-
40
- # Add session_limitable columns in the resource's database table.
41
- #
42
- # Examples
43
- #
44
- # # For a new resource migration:
45
- # create_table :the_resources do |t|
46
- # t.session_limitable
47
- # ...
48
- # end
49
- #
50
- # # or if the resource's table already exists, define a migration and put this in:
51
- # change_table :the_resources do |t|
52
- # t.string :unique_session_id, limit: 20
53
- # end
54
- #
55
- def session_limitable
56
- apply_devise_schema :unique_session_id, String, limit: 20
57
- end
58
-
59
- def expirable
60
- apply_devise_schema :expired_at, DateTime
61
- apply_devise_schema :last_activity_at, DateTime
62
- end
63
- end
64
- end
@@ -1,38 +0,0 @@
1
- Devise.setup do |config|
2
- # ==> Security Extension
3
- # Configure security extension for devise
4
-
5
- # Should the password expire (e.g 3.months)
6
- # config.expire_password_after = false
7
-
8
- # Need 1 char of A-Z, a-z and 0-9
9
- # config.password_regex = /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/
10
-
11
- # How many passwords to keep in archive
12
- # config.password_archiving_count = 5
13
-
14
- # Deny old password (true, false, count)
15
- # config.deny_old_passwords = true
16
-
17
- # enable email validation for :secure_validatable. (true, false, validation_options)
18
- # dependency: need an email validator like rails_email_validator
19
- # config.email_validation = true
20
-
21
- # captcha integration for recover form
22
- # config.captcha_for_recover = true
23
-
24
- # captcha integration for sign up form
25
- # config.captcha_for_sign_up = true
26
-
27
- # captcha integration for sign in form
28
- # config.captcha_for_sign_in = true
29
-
30
- # captcha integration for unlock form
31
- # config.captcha_for_unlock = true
32
-
33
- # captcha integration for confirmation form
34
- # config.captcha_for_confirmation = true
35
-
36
- # Time period for account expiry from last_activity_at
37
- # config.expire_after = 90.days
38
- end
File without changes
File without changes
@@ -1,3 +0,0 @@
1
- class SecureUser < ActiveRecord::Base
2
- devise :database_authenticatable, :secure_validatable, email_validation: false
3
- end